0

I want to test a new protocol of communication, and for this I need to intercept every single package entering and leaving the network layer of the OSI model. Any idea how to intercept those packages and perform the tasks I want to perform on them before letting them go?

Tarik Mokafih

3 Answers

1

http://www.charlesproxy.com/ is a great tool for intercepting, inspecting, modifying, and resending network requests. Its main mode is for HTTP; however, it has an option to catch and forward any port and a SOCKS proxy option. It understands quite a few payload formats natively and is very useful with minimum effort.

rgiar
0

Wireshark is a useful program for letting you sniff network traffic (i.e. passively observe). And on *nix systems, raw sockets give you the ability to bypass most of the network stack and craft custom packets.

Brian McFarland
  • I've read about raw sockets, I will try them, hoping that it will help me reach what I want – Tarik Mokafih Oct 14 '11 at 16:28
  • But the problem is that I don't want to generate new packets and send them, but to intercept, for example, the queries that the web browser sends to the server when they leave the network layer, and perform some tasks on them before letting them go (I want to add a new header to the packets before they leave). – Tarik Mokafih Oct 14 '11 at 16:32
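
As an added example (not from the original answers or comments), here is the byte-level rewrite the comments above describe: inserting a header between the IPv4 header and its payload, then fixing the total length, protocol field and header checksum. The shim layout (original protocol, length, data), the use of protocol number 253, the function names and the sample packet are assumptions made for illustration; the code works on bytes in memory and does not capture traffic.

```python
import struct

EXPERIMENTAL_PROTO = 253  # IANA: reserved for experimentation and testing (RFC 3692)

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071) over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(proto: int, payload: bytes, src: bytes, dst: bytes) -> bytes:
    """Build a minimal 20-byte IPv4 header plus payload (constructed test input)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0x1234, 0, 64, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload

def insert_shim(packet: bytes, shim_data: bytes) -> bytes:
    """Insert [orig_proto, shim_len, shim_data] (hypothetical layout) after the IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4                      # header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("inconsistent IPv4 lengths")
    if ipv4_checksum(packet[:ihl]) != 0:              # a valid header sums to zero
        raise ValueError("bad header checksum")
    if struct.unpack("!H", packet[6:8])[0] & 0x3FFF:  # MF flag or fragment offset set
        raise ValueError("fragmented packet; reassemble first")
    if len(shim_data) > 253 or total_len + 2 + len(shim_data) > 0xFFFF:
        raise ValueError("shim too large")
    # The shim remembers the original protocol so a receiver can undo the change.
    shim = bytes([packet[9], 2 + len(shim_data)]) + shim_data
    hdr = bytearray(packet[:ihl])
    struct.pack_into("!H", hdr, 2, total_len + len(shim))  # new total length
    hdr[9] = EXPERIMENTAL_PROTO                             # payload now starts with the shim
    struct.pack_into("!H", hdr, 10, 0)                      # zero checksum before recomputing
    struct.pack_into("!H", hdr, 10, ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + shim + packet[ihl:total_len]

# Constructed sample: TCP-protocol packet between documentation addresses.
SAMPLE = build_ipv4(6, b"constructed-payload", bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
```

The growth in packet size matters in practice: a packet already at the path MTU will no longer fit once the shim is added.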
0

Use "Microsoft Network Monitor" if you want to check those Microsoft protocols. It's much slower than Wireshark, though.

Reinhard